US Indicts Canadian Hacker for $65M KyberSwap & Indexed Finance Hack

0
KyberSwap & Indexed Finance Hack

KyberSwap & Indexed Finance Hack

U.S. federal prosecutors have indicted Canadian national Andean Medjedovic for allegedly orchestrating the KyberSwap & Indexed Finance hack, resulting in the theft of approximately $65 million in cryptocurrency. The indictment, unsealed on February 3, 2025, in a Brooklyn federal court, charges Medjedovic with wire fraud, computer hacking, attempted extortion, and money laundering.

KyberSwap & Indexed Finance Hack: A Detailed Breakdown

According to the indictment, Medjedovic, a 22-year-old mathematics graduate from the University of Waterloo, exploited vulnerabilities in the decentralized finance (DeFi) protocols KyberSwap and Indexed Finance. In 2021, he allegedly manipulated smart contracts within Indexed Finance, executing deceptive trades that led to the miscalculation of asset values, resulting in a $16.5 million loss for investors. Two years later, in 2023, he purportedly employed a similar strategy on KyberSwap, siphoning off $48.8 million. Prosecutors allege that Medjedovic meticulously planned the KyberSwap exploit over several months. He maintained directories with ominous labels such as KYBER_KILL and templateexploit. A POOL HIT LIST was created to identify target liquidity pools, and he strategically timed the attack, noting, Find time to Strike CEO is in Ho-Chi. He even calculated the optimal moment for the attack to coincide with periods when American and European users would likely be asleep, minimizing immediate detection and response to the crime.

KyberSwap & Indexed Finance Hack
US Indicts Canadian Hacker for $65M KyberSwap & Indexed Finance Hack

Following the KyberSwap & Indexed Finance Hack, Medjedovic allegedly attempted to extort the platform’s developers and investors team. He demanded control of the protocol in exchange for returning 50% of the stolen funds. Concurrently, he and an associate are accused of laundering the stolen cryptocurrency through mixers and blockchain bridges, shuffling funds across multiple networks to obscure their origins. They also allegedly opened accounts at crypto exchanges using fake identities to liquidate their holdings without raising red flags. In a twist to the investigation, when a bridge protocol froze some of his transactions, Medjedovic allegedly paid an undercover law enforcement agent $85,000, believing the agent was a developer who could bypass the restrictions and unlock $500,000 of his frozen crypto assets. If convicted, Medjedovic faces significant penalties, including up to 20 years in prison for each count of wire fraud, attempted extortion, and money laundering, as well as 10 years for unauthorized damage to a protected computer. Law enforcement agencies, including the Dutch National Police Cybercrime Unit and U.S. prosecutors, continue to pursue Medjedovic, who remains at large.

Kyberswap & Indexed Finance Hack Security Implication

The KyberSwap & Indexed Finance hack has sent shockwaves through the DeFi community, highlighting the vulnerabilities inherent in decentralized platforms. In response, KyberSwap announced a treasury program on December 20, 2023, to compensate users affected by the hack. This incident underscores the critical need for robust security measures and continuous monitoring within the rapidly evolving DeFi landscape. In a recent. X post, the protocol said the grant has been fully distributed to 1,371 recipients. (See below.)

Source: X/Kyber Network
US Indicts Canadian Hacker for $65M KyberSwap & Indexed Finance Hack | Source: X/Kyber Network

John Reed Stark, former Chief of the SEC’s Office of Internet Enforcement, commented on the case: This indictment serves as a stark reminder of the risks associated with decentralized finance platforms. Investors and developers alike must prioritize security and remain vigilant against potential exploits. As the DeFi sector continues to grow, this case highlights the importance of implementing stringent security protocols and fostering collaboration between platforms and law enforcement agencies to prevent future incident. The indictment of Andean Medjedovic for the KyberSwap & Indexed Finance hack marks a pivotal moment in the fight against cybercrime in the cryptocurrency space. It emphasizes the necessity for enhanced security measures and the ongoing vigilance required to protect investors and maintain trust in decentralized financial systems. Get more from The Bit Gazette

Leave a Reply

Your email address will not be published. Required fields are marked *